ROS-20260520-73-0002

A vulnerability in the Skia graphics library of the Google Chrome and Microsoft Edge browsers is related to writing outside of buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected...

OPENSUSE-SU-2026:10827-1 oci-cli-3.83.0-1.1 on GA media

These are all security issues fixed in the oci-cli-3.83.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10823-1 helm-4.2.0-2.1 on GA media

These are all security issues fixed in the helm-4.2.0-2.1 package on the GA media of openSUSE Tumbleweed...

ROS-20260520-73-0046

A vulnerability in the ANGLE library of Google Chrome browser is related to integer overflow. Exploitation of the vulnerability could allow a remote attacker to compromise the confidentiality, integrity and availability of protected information...

ROS-20260520-73-0007

A vulnerability in the WebGL component of Google Chrome and Microsoft Edge browsers is related to reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity and availability of protected...

OPENSUSE-SU-2026:10822-1 hauler-1.4.3-2.1 on GA media

These are all security issues fixed in the hauler-1.4.3-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10826-1 libzypp-17.38.9-1.1 on GA media

These are all security issues fixed in the libzypp-17.38.9-1.1 package on the GA media of openSUSE Tumbleweed...

firefox-esr-140.11.0-1.1 on GA media (moderate)

firefox-esr-140.11.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10813-1 Rating: moderate Cross-References: CVE-2026-8388 CVE-2026-8391 CVE-2026-8401 CVE-2026-8946 CVE-2026-8947 CVE-2026-8949 CVE-2026-8950 CVE-2026-8953 CVE-2026-8954 CVE-2026-8955 CVE-2026-8956 CVE-2026-8957 CVE-2026-8958...

OPENSUSE-SU-2026:10820-1 cups-2.4.19-2.1 on GA media

These are all security issues fixed in the cups-2.4.19-2.1 package on the GA media of openSUSE Tumbleweed...

edk2: EDK2: Improper Input Validation allows arbitrary command execution

A flaw was found in EDK2 EFI Development Kit 2. This vulnerability allows an attacker to cause arbitrary command execution and impact Confidentiality, Integrity, and Availability via improper input validation by local access...

OPENSUSE-SU-2026:10816-1 libpainter0-0.9.27-2.1 on GA media

These are all security issues fixed in the libpainter0-0.9.27-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10815-1 libsdb2_4_2-6.1.4-2.1 on GA media

These are all security issues fixed in the libsdb242-6.1.4-2.1 package on the GA media of openSUSE Tumbleweed...

postgresql14-14.23-1.1 on GA media (moderate)

postgresql14-14.23-1.1 on GA media Announcement ID: openSUSE-SU-2026:10806-1 Rating: moderate Cross-References: CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475 CVE-2026-6477 CVE-2026-6478 CVE-2026-6479 CVE-2026-6637 CVSS scores: CVE-2026-6472 SUSE : 5.4...

GHSA-PGVV-Q3WF-MM9M OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads

Summary The Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic. Details The vulnerable logic is in pkg/ebpf/common/sqldetectpostgres.go. In th...

OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads

Summary The Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic. Details The vulnerable logic is in pkg/ebpf/common/sqldetectpostgres.go. In th...

OPENSUSE-SU-2026:10810-1 traefik-3.6.17-1.1 on GA media

These are all security issues fixed in the traefik-3.6.17-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10807-1 postgresql15-15.18-1.1 on GA media

These are all security issues fixed in the postgresql15-15.18-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10811-1 traefik2-2.11.46-1.1 on GA media

These are all security issues fixed in the traefik2-2.11.46-1.1 package on the GA media of openSUSE Tumbleweed...

kernel-devel-7.0.7-1.1 on GA media (moderate)

kernel-devel-7.0.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:10793-1 Rating: moderate Cross-References: CVE-2026-31694 CVE-2026-31696 CVE-2026-31697 CVE-2026-31698 CVE-2026-31699 CVE-2026-31700 CVE-2026-31701 CVE-2026-31702 CVE-2026-31703 CVE-2026-31704 CVE-2026-31705 CVE-2026-31706...

java-17-openj9-17.0.19.0-2.1 on GA media (moderate)

java-17-openj9-17.0.19.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10789-1 Rating: moderate Cross-References: CVE-2026-1188 CVSS scores: CVE-2026-1188 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...